keycloak-scim

Author	SHA1	Message	Date
mposolda	49a2aaf7bc	Adding realmName to be logged by jboss-logging event listener closes #27506 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-28 18:41:43 +02:00
Daniel Fesenmeyer	c08621fa63	Always order required actions by priority (regardless of context) - AuthenticationManager#actionRequired: make sure that the highest prioritized required action is performed first, possibly before the currently requested required action - AuthenticationManager#nextRequiredAction: make sure that the next action is requested via URL, also based on highest priority (-> requested URL will match actually performed action, unless required actions for the user are changed by a parallel operation) - add tests to RequiredActionPriorityTest, add helper method for priority setup to ApiUtil (for easier and more robust setup than up-to-now) - fix test WebAuthnRegisterAndLoginTest - which failed because WebAuthnRegisterFactory (prio 70) is now executed before WebAuthnPasswordlessRegisterFactory (prio 80) Closes #16873 Signed-off-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.com>	2024-05-23 09:07:56 +02:00
Thomas Darimont	ab376d9101	Make required actions configurable (#28400 ) - Add tests for crud operations on configurable required actions - Add support exposing the required action configuration via RequiredActionContext - Make configSaveError message reusable in other contexts - Introduced admin-ui specific endpoint for retrieving required actions with config metadata Fixes #28400 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-05-23 08:38:36 +02:00
Alice W	584e92aaba	Add support for organizational invites to new and existing users based on tokens Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>	2024-05-06 17:57:13 -03:00
Lex Cao	7e034dbbe0	Add IdpConfirmOverrideLinkAuthenticator to handle duplicate federated identity (#26393 ) Closes #26201. Signed-off-by: Lex Cao <lexcao@foxmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-22 11:30:14 +02:00
mposolda	c427e65354	Secondary factor bypass in step-up authentication closes #34 Signed-off-by: mposolda <mposolda@gmail.com> (cherry picked from commit e632c03ec4dbfbb7c74c65b0627027390b2e605d)	2024-04-19 14:43:53 +02:00
Giuseppe Graziano	33b747286e	Changed userId value for refresh token events Closes #28567 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-04-11 07:46:44 +02:00
Marek Posolda	335a10fead	Handle 'You are already logged in' for expired authentication sessions (#27793 ) closes #24112 Signed-off-by: mposolda <mposolda@gmail.com>	2024-04-04 10:41:03 +02:00
Lex Cao	a53cacc0a7	Fire logout event when logout other sessions (#26658 ) Closes #26658 Signed-off-by: Lex Cao <lexcao@foxmail.com>	2024-03-27 11:13:48 +01:00
Theresa Henze	653d09f39a	trigger REMOVE_TOTP event on removal of an OTP credential Closes #15403 Signed-off-by: Theresa Henze <theresa.henze@bare.id>	2024-03-06 17:12:50 +01:00
Dmitry Telegin	854ec17fd3	- rework grant type resolution to use supports() in addition to grant type - replace initialize() with setContext() - use EnvironmentDependentProviderFactory instead of runtime checks - move OAuth2GrantTypeManager to server-spi-private - javadocs, imports, minor fixes Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>	2024-02-27 19:11:32 +09:00
Tero Saarni	ac1780a54f	Added event for temporary lockout for brute force protector (#26630 ) This change adds event for brute force protector when user account is temporarily disabled. It also lowers the priority of free-text log for failed login attempts. Signed-off-by: Tero Saarni <tero.saarni@est.tech> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-07 14:13:33 +00:00
Douglas Palmer	e7d842ea32	Invalidate session secretly Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-01-19 15:44:35 -03:00
cgeorgilakis-grnet	ccade62289	Enhance error logs and error events during UserInfo endpoint and Token Introspection failure Closes #24344 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-01-16 11:26:29 +01:00
Pedro Igor	8ff9e71eae	Do not allow verifying email from a different account Closes #14776 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-01-05 12:45:07 +01:00
rmartinc	d841971ff4	Updating the UP configuration needs to trigger an admin event Close #23896 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-18 19:24:30 +01:00
vramik	42e5055cfb	Delete `SearchableModelField` and its usages Signed-off-by: vramik <vramik@redhat.com> Closes #24722	2023-11-16 18:44:49 +01:00
paul	f684a70048	KEYCLOAK-15985 Add Brute Force Detection Lockout Event	2023-09-15 10:32:07 -03:00
Marek Posolda	506e2537ac	Registration flow fixed (#23064 ) Closes #21514 Co-authored-by: Vilmos Nagy <vilmos.nagy@outlook.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2023-09-08 08:05:05 +02:00
Takashi Norimatsu	0ddef5dda8	DPoP support 1st phase (#21202 ) closes #21200 Co-authored-by: Dmitry Telegin <dmitryt@backbase.com> Co-authored-by: mposolda <mposolda@gmail.com>	2023-07-24 16:44:24 +02:00
Michal Hajas	07c27336aa	Check whether realm has store enabled for immediately sent events Closes #21698 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2023-07-14 20:50:33 +02:00
rmartinc	9bc30f4705	EventBuilder fixes to copy the store and session context Closes https://github.com/keycloak/keycloak/issues/20757 Closes https://github.com/keycloak/keycloak/issues/20105	2023-06-07 08:34:27 -03:00
Hynek Mlnarik	0d5363d0d5	Throw an exception rather than returning response Closes: #17644	2023-04-03 14:43:50 +02:00
Vilmos Nagy	4b0562da38	#16161 implement an EventBuilder constructor which can be called from scheduled tasks	2023-02-27 15:52:37 -03:00
Christian Hörtnagl	ff71cbc4f3	* fix typos in javadoc	2023-02-13 08:53:47 +01:00
Michal Hajas	883e83e625	Remove deprecated methods from data providers and models Closes #14720	2022-10-25 09:01:33 +02:00
Christoph Leistert	7e5b45f999	Issue #8749 : Add an option to control the order of the event query and admin event query	2022-09-11 21:30:12 +02:00
Jon Koops	06d1b4faab	Restore enum variant of ResourceType This reverts commit `3b5a578934`.	2022-06-30 12:20:51 -03:00
vramik	3b5a578934	Change enum ResourceType to interface with String constants Closes #12485	2022-06-29 13:35:11 +02:00
Konstantinos Georgilakis	ccc0449314	json device code flow error responses closes #11438	2022-06-29 07:23:02 +02:00
Michal Hajas	0719d3e49b	Remove EXPIRATION fields and add expired entities filtering to all queries automatically Closes #12563	2022-06-20 21:45:32 +02:00
vramik	df41f233d5	Introduce unique index for enums stored by storages Closes #12277	2022-06-15 09:12:10 +02:00
Sebastian Schuster	a0c402b93a	11198 added event information to consent granting and revocation via REST API (#11199 )	2022-06-07 11:29:20 +02:00
Michal Hajas	09c0a69a8f	Add HotRod no downtime store for events Closes #9676	2022-06-02 13:30:19 +02:00
Michal Hajas	bc59fad85b	Unify way how expirable entities are handled in the new store Closes #11947	2022-05-26 13:17:27 +02:00
vramik	0c3aa597f9	JPA map storage: test failures after cache was disabled Closes #12118	2022-05-23 13:01:30 +02:00
Michal Hajas	0bda7e6038	Introduce map event store with CHM implementation Closes #11189	2022-05-17 12:57:35 +02:00
bal1imb	07d47cf6c2	KEYCLOAK-19501 Removed exception handling on failed event persistence in the EventBuilder class.	2022-02-23 15:41:20 -03:00
Mauro de Wit	2c238b9f04	session-limiting-feature (#8260 ) Closes #10077	2022-02-08 19:16:06 +01:00
Alec Henninger	cec6a8a884	KEYCLOAK-19700: Attempt to reuse denied device authorization code results in server error	2021-11-08 11:37:51 +01:00
Vlastimil Elias	2be5f528e4	KEYCLOAK-18700 - consistently record User profile attribute changes in UPDATE_PROFILE event	2021-09-15 08:26:01 -03:00
David Hellwig	a6cd80c933	KEYCLOAK-16076 added new warining when cookies are disabled -with new branch- (#7632 ) * KEYCLOAK-16076 added new warining when cookies are disabled Co-authored-by: David Hellwig <david.hellwig@bosch.com> Co-authored-by: Christoph Leistert <christoph.leistert@bosch-si.com>	2021-09-13 11:30:11 +02:00
bal1imb	fbaeb18a5f	KEYCLOAK-18471 Added ID to admin event object.	2021-07-16 12:46:07 +02:00
Hryhorii Hevorkian	2803685cd7	KEYCLOAK-18353 Implement Pushed Authorization Request inside the Keycloak Co-authored-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Co-authored-by: mposolda <mposolda@gmail.com>	2021-07-03 08:47:42 +02:00
Pedro Igor	ef3a0ee06c	[KEYCLOAK-17399] - Declarative User Profile and UI Co-authored-by: Vlastimil Elias <velias@redhat.com>	2021-06-14 11:28:32 +02:00
Takashi Norimatsu	65c48a4183	KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA) (#7679 ) * KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA) Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua> Co-authored-by: Christophe Lannoy <c4r1570p4e@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2021-04-29 15:56:39 +02:00
AlistairDoswald	8b3e77bf81	KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch> Co-authored-by: harture <harture414@gmail.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2021-04-16 12:15:59 +02:00
Hiroyuki Wada	9d57b88dba	KEYCLOAK-7675 Prototype Implementation of Device Authorization Grant. Author: Hiroyuki Wada <h2-wada@nri.co.jp> Date: Thu May 2 00:22:24 2019 +0900 Signed-off-by: Łukasz Dywicki <luke@code-house.org>	2021-03-15 10:09:20 -03:00
Denis	23bfaef4bb	KEYCLOAK-15535 Account Log of user login with realm not available details when update profile	2021-03-04 08:06:36 +01:00
Juan Manuel Rodriguez Alvarado	6255ebe6b5	[KEYCLOAK-16536] Implement Audit Events for Authorization Services requests	2021-02-22 17:28:59 -03:00

1 2

92 commits